diff options
Diffstat (limited to 'spec/requests/api')
42 files changed, 191 insertions, 269 deletions
diff --git a/spec/requests/api/access_requests_spec.rb b/spec/requests/api/access_requests_spec.rb index 35ca3635a9d..24389f28b21 100644 --- a/spec/requests/api/access_requests_spec.rb +++ b/spec/requests/api/access_requests_spec.rb @@ -8,8 +8,8 @@ describe API::AccessRequests do set(:project) do create(:project, :public, :access_requestable, creator_id: master.id, namespace: master.namespace) do |project| - project.team << [developer, :developer] - project.team << [master, :master] + project.add_developer(developer) + project.add_master(master) project.request_access(access_requester) end end diff --git a/spec/requests/api/award_emoji_spec.rb b/spec/requests/api/award_emoji_spec.rb index eaf12f71421..5adfb33677f 100644 --- a/spec/requests/api/award_emoji_spec.rb +++ b/spec/requests/api/award_emoji_spec.rb @@ -10,7 +10,7 @@ describe API::AwardEmoji do set(:note) { create(:note, project: project, noteable: issue) } before do - project.team << [user, :master] + project.add_master(user) end describe "GET /projects/:id/awardable/:awardable_id/award_emoji" do diff --git a/spec/requests/api/boards_spec.rb b/spec/requests/api/boards_spec.rb index 546a1697e56..c6c10025f7f 100644 --- a/spec/requests/api/boards_spec.rb +++ b/spec/requests/api/boards_spec.rb @@ -6,18 +6,18 @@ describe API::Boards do set(:non_member) { create(:user) } set(:guest) { create(:user) } set(:admin) { create(:user, :admin) } - set(:project) { create(:project, :public, creator_id: user.id, namespace: user.namespace ) } + set(:board_parent) { create(:project, :public, creator_id: user.id, namespace: user.namespace ) } set(:dev_label) do - create(:label, title: 'Development', color: '#FFAABB', project: project) + create(:label, title: 'Development', color: '#FFAABB', project: board_parent) end set(:test_label) do - create(:label, title: 'Testing', color: '#FFAACC', project: project) + create(:label, title: 'Testing', color: '#FFAACC', project: board_parent) end set(:ux_label) do - create(:label, title: 'UX', color: '#FF0000', project: project) + create(:label, title: 'UX', color: '#FF0000', project: board_parent) end set(:dev_list) do @@ -28,180 +28,25 @@ describe API::Boards do create(:list, label: test_label, position: 2) end - set(:board) do - create(:board, project: project, lists: [dev_list, test_list]) - end - - before do - project.team << [user, :reporter] - project.team << [guest, :guest] - end + set(:milestone) { create(:milestone, project: board_parent) } + set(:board_label) { create(:label, project: board_parent) } + set(:board) { create(:board, project: board_parent, lists: [dev_list, test_list]) } - describe "GET /projects/:id/boards" do - let(:base_url) { "/projects/#{project.id}/boards" } + it_behaves_like 'group and project boards', "/projects/:id/boards" - context "when unauthenticated" do - it "returns authentication error" do - get api(base_url) - - expect(response).to have_gitlab_http_status(401) - end - end - - context "when authenticated" do - it "returns the project issue board" do - get api(base_url, user) - - expect(response).to have_gitlab_http_status(200) - expect(response).to include_pagination_headers - expect(json_response).to be_an Array - expect(json_response.length).to eq(1) - expect(json_response.first['id']).to eq(board.id) - expect(json_response.first['lists']).to be_an Array - expect(json_response.first['lists'].length).to eq(2) - expect(json_response.first['lists'].last).to have_key('position') - end - end - end - - describe "GET /projects/:id/boards/:board_id/lists" do - let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" } - - it 'returns issue board lists' do - get api(base_url, user) - - expect(response).to have_gitlab_http_status(200) - expect(response).to include_pagination_headers - expect(json_response).to be_an Array - expect(json_response.length).to eq(2) - expect(json_response.first['label']['name']).to eq(dev_label.title) - end - - it 'returns 404 if board not found' do - get api("/projects/#{project.id}/boards/22343/lists", user) - - expect(response).to have_gitlab_http_status(404) - end - end - - describe "GET /projects/:id/boards/:board_id/lists/:list_id" do - let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" } - - it 'returns a list' do - get api("#{base_url}/#{dev_list.id}", user) - - expect(response).to have_gitlab_http_status(200) - expect(json_response['id']).to eq(dev_list.id) - expect(json_response['label']['name']).to eq(dev_label.title) - expect(json_response['position']).to eq(1) - end - - it 'returns 404 if list not found' do - get api("#{base_url}/5324", user) - - expect(response).to have_gitlab_http_status(404) - end - end - - describe "POST /projects/:id/board/lists" do - let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" } + describe "POST /projects/:id/boards/lists" do + let(:url) { "/projects/#{board_parent.id}/boards/#{board.id}/lists" } it 'creates a new issue board list for group labels' do group = create(:group) group_label = create(:group_label, group: group) - project.update(group: group) + board_parent.update(group: group) - post api(base_url, user), label_id: group_label.id + post api(url, user), label_id: group_label.id expect(response).to have_gitlab_http_status(201) expect(json_response['label']['name']).to eq(group_label.title) expect(json_response['position']).to eq(3) end - - it 'creates a new issue board list for project labels' do - post api(base_url, user), label_id: ux_label.id - - expect(response).to have_gitlab_http_status(201) - expect(json_response['label']['name']).to eq(ux_label.title) - expect(json_response['position']).to eq(3) - end - - it 'returns 400 when creating a new list if label_id is invalid' do - post api(base_url, user), label_id: 23423 - - expect(response).to have_gitlab_http_status(400) - end - - it 'returns 403 for project members with guest role' do - put api("#{base_url}/#{test_list.id}", guest), position: 1 - - expect(response).to have_gitlab_http_status(403) - end - end - - describe "PUT /projects/:id/boards/:board_id/lists/:list_id to update only position" do - let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" } - - it "updates a list" do - put api("#{base_url}/#{test_list.id}", user), - position: 1 - - expect(response).to have_gitlab_http_status(200) - expect(json_response['position']).to eq(1) - end - - it "returns 404 error if list id not found" do - put api("#{base_url}/44444", user), - position: 1 - - expect(response).to have_gitlab_http_status(404) - end - - it "returns 403 for project members with guest role" do - put api("#{base_url}/#{test_list.id}", guest), - position: 1 - - expect(response).to have_gitlab_http_status(403) - end - end - - describe "DELETE /projects/:id/board/lists/:list_id" do - let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" } - - it "rejects a non member from deleting a list" do - delete api("#{base_url}/#{dev_list.id}", non_member) - - expect(response).to have_gitlab_http_status(403) - end - - it "rejects a user with guest role from deleting a list" do - delete api("#{base_url}/#{dev_list.id}", guest) - - expect(response).to have_gitlab_http_status(403) - end - - it "returns 404 error if list id not found" do - delete api("#{base_url}/44444", user) - - expect(response).to have_gitlab_http_status(404) - end - - context "when the user is project owner" do - set(:owner) { create(:user) } - - before do - project.update(namespace: owner.namespace) - end - - it "deletes the list if an admin requests it" do - delete api("#{base_url}/#{dev_list.id}", owner) - - expect(response).to have_gitlab_http_status(204) - end - - it_behaves_like '412 response' do - let(:request) { api("#{base_url}/#{dev_list.id}", owner) } - end - end end end diff --git a/spec/requests/api/deployments_spec.rb b/spec/requests/api/deployments_spec.rb index c7977e624ff..6732c99e329 100644 --- a/spec/requests/api/deployments_spec.rb +++ b/spec/requests/api/deployments_spec.rb @@ -7,7 +7,7 @@ describe API::Deployments do let!(:deployment) { create(:deployment) } before do - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/deployments' do diff --git a/spec/requests/api/environments_spec.rb b/spec/requests/api/environments_spec.rb index 3665cfd7241..53d48a91007 100644 --- a/spec/requests/api/environments_spec.rb +++ b/spec/requests/api/environments_spec.rb @@ -7,7 +7,7 @@ describe API::Environments do let!(:environment) { create(:environment, project: project) } before do - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/environments' do diff --git a/spec/requests/api/files_spec.rb b/spec/requests/api/files_spec.rb index 5d8338a3fb7..d8fdfd6dee1 100644 --- a/spec/requests/api/files_spec.rb +++ b/spec/requests/api/files_spec.rb @@ -14,7 +14,7 @@ describe API::Files do let(:author_name) { 'John Doe' } before do - project.team << [user, :developer] + project.add_developer(user) end def route(file_path = nil) diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb index 6330c140246..3c0b4728dc2 100644 --- a/spec/requests/api/groups_spec.rb +++ b/spec/requests/api/groups_spec.rb @@ -417,7 +417,7 @@ describe API::Groups do end it "only returns projects to which user has access" do - project3.team << [user3, :developer] + project3.add_developer(user3) get api("/groups/#{group1.id}/projects", user3) diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb index 3c31980b273..7b25047ea8f 100644 --- a/spec/requests/api/internal_spec.rb +++ b/spec/requests/api/internal_spec.rb @@ -147,7 +147,7 @@ describe API::Internal do describe "POST /internal/lfs_authenticate" do before do - project.team << [user, :developer] + project.add_developer(user) end context 'user key' do @@ -199,7 +199,7 @@ describe API::Internal do end before do - project.team << [user, :developer] + project.add_developer(user) end context 'with env passed as a JSON' do @@ -359,7 +359,7 @@ describe API::Internal do context "access denied" do before do - project.team << [user, :guest] + project.add_guest(user) end context "git pull" do @@ -413,7 +413,7 @@ describe API::Internal do context "archived project" do before do - project.team << [user, :developer] + project.add_developer(user) project.archive! end @@ -527,7 +527,7 @@ describe API::Internal do context 'web actions are always allowed' do it 'allows WEB push' do stub_application_setting(enabled_git_access_protocol: 'ssh') - project.team << [user, :developer] + project.add_developer(user) push(key, project, 'web') expect(response.status).to eq(200) @@ -540,7 +540,7 @@ describe API::Internal do let!(:repository) { project.repository } before do - project.team << [user, :developer] + project.add_developer(user) project.path = 'new_path' project.save! end @@ -566,7 +566,7 @@ describe API::Internal do let(:changes) { URI.escape("#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/new_branch") } before do - project.team << [user, :developer] + project.add_developer(user) end it 'returns link to create new merge request' do @@ -701,7 +701,7 @@ describe API::Internal do end before do - project.team << [user, :developer] + project.add_developer(user) allow(described_class).to receive(:identify).and_return(user) allow_any_instance_of(Gitlab::Identifier).to receive(:identify).and_return(user) end @@ -784,6 +784,16 @@ describe API::Internal do expect(json_response["redirected_message"]).to eq(project_moved.redirect_message) end end + + context 'with an orphaned write deploy key' do + it 'does not try to notify that project moved' do + allow_any_instance_of(Gitlab::Identifier).to receive(:identify).and_return(nil) + + post api("/internal/post_receive"), valid_params + + expect(response).to have_gitlab_http_status(200) + end + end end describe 'POST /internal/pre_receive' do diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb index 3f5070a1fd2..320217f2032 100644 --- a/spec/requests/api/issues_spec.rb +++ b/spec/requests/api/issues_spec.rb @@ -58,8 +58,8 @@ describe API::Issues, :mailer do let(:no_milestone_title) { URI.escape(Milestone::None.title) } before(:all) do - project.team << [user, :reporter] - project.team << [guest, :guest] + project.add_reporter(user) + project.add_guest(guest) end describe "GET /issues" do @@ -344,7 +344,7 @@ describe API::Issues, :mailer do let!(:group_note) { create(:note_on_issue, author: user, project: group_project, noteable: group_issue) } before do - group_project.team << [user, :reporter] + group_project.add_reporter(user) end let(:base_url) { "/groups/#{group.id}/issues" } @@ -967,7 +967,7 @@ describe API::Issues, :mailer do let(:project) { merge_request.source_project } before do - project.team << [user, :master] + project.add_master(user) end context 'resolving all discussions in a merge request' do @@ -1582,4 +1582,16 @@ describe API::Issues, :mailer do expect(json_response).to be_an Array expect(json_response.length).to eq(size) if size end + + describe 'GET projects/:id/issues/:issue_iid/participants' do + it_behaves_like 'issuable participants endpoint' do + let(:entity) { issue } + end + + it 'returns 404 if the issue is confidential' do + post api("/projects/#{project.id}/issues/#{confidential_issue.iid}/participants", non_member) + + expect(response).to have_gitlab_http_status(404) + end + end end diff --git a/spec/requests/api/jobs_spec.rb b/spec/requests/api/jobs_spec.rb index 2a83213e87a..805496e4a54 100644 --- a/spec/requests/api/jobs_spec.rb +++ b/spec/requests/api/jobs_spec.rb @@ -11,7 +11,7 @@ describe API::Jobs do ref: project.default_branch) end - let!(:job) { create(:ci_build, pipeline: pipeline) } + let!(:job) { create(:ci_build, :success, pipeline: pipeline) } let(:user) { create(:user) } let(:api_user) { user } @@ -443,7 +443,7 @@ describe API::Jobs do context 'user with :update_build persmission' do it 'cancels running or pending job' do expect(response).to have_gitlab_http_status(201) - expect(project.builds.first.status).to eq('canceled') + expect(project.builds.first.status).to eq('success') end end @@ -503,7 +503,7 @@ describe API::Jobs do let(:role) { :master } before do - project.team << [user, role] + project.add_role(user, role) post api("/projects/#{project.id}/jobs/#{job.id}/erase", user) end diff --git a/spec/requests/api/labels_spec.rb b/spec/requests/api/labels_spec.rb index 3498e5bc8d9..34cbf75f4c1 100644 --- a/spec/requests/api/labels_spec.rb +++ b/spec/requests/api/labels_spec.rb @@ -7,7 +7,7 @@ describe API::Labels do let!(:priority_label) { create(:label, title: 'bug', project: project, priority: 3) } before do - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/labels' do diff --git a/spec/requests/api/members_spec.rb b/spec/requests/api/members_spec.rb index 3349e396ab8..5d4f81e07a6 100644 --- a/spec/requests/api/members_spec.rb +++ b/spec/requests/api/members_spec.rb @@ -8,8 +8,8 @@ describe API::Members do let(:project) do create(:project, :public, :access_requestable, creator_id: master.id, namespace: master.namespace) do |project| - project.team << [developer, :developer] - project.team << [master, :master] + project.add_developer(developer) + project.add_master(master) project.request_access(access_requester) end end diff --git a/spec/requests/api/merge_request_diffs_spec.rb b/spec/requests/api/merge_request_diffs_spec.rb index bf4c8443b23..cb647aee70f 100644 --- a/spec/requests/api/merge_request_diffs_spec.rb +++ b/spec/requests/api/merge_request_diffs_spec.rb @@ -8,7 +8,7 @@ describe API::MergeRequestDiffs, 'MergeRequestDiffs' do before do merge_request.merge_request_diffs.create(head_commit_sha: '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9') merge_request.merge_request_diffs.create(head_commit_sha: '5937ac0a7beb003549fc5fd26fc247adbce4a52e') - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/merge_requests/:merge_request_iid/versions' do diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb index 91616da6d9a..0c9fbb1f187 100644 --- a/spec/requests/api/merge_requests_spec.rb +++ b/spec/requests/api/merge_requests_spec.rb @@ -25,7 +25,7 @@ describe API::MergeRequests do let!(:upvote) { create(:award_emoji, :upvote, awardable: merge_request) } before do - project.team << [user, :reporter] + project.add_reporter(user) end describe 'GET /merge_requests' do @@ -150,6 +150,26 @@ describe API::MergeRequests do expect(json_response.length).to eq(1) expect(json_response.first['id']).to eq(merge_request3.id) end + + context 'search params' do + before do + merge_request.update(title: 'Search title', description: 'Search description') + end + + it 'returns merge requests matching given search string for title' do + get api("/merge_requests", user), search: merge_request.title + + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(merge_request.id) + end + + it 'returns merge requests for project matching given search string for description' do + get api("/merge_requests", user), project_id: project.id, search: merge_request.description + + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(merge_request.id) + end + end end end @@ -480,6 +500,12 @@ describe API::MergeRequests do end end + describe 'GET /projects/:id/merge_requests/:merge_request_iid/participants' do + it_behaves_like 'issuable participants endpoint' do + let(:entity) { merge_request } + end + end + describe 'GET /projects/:id/merge_requests/:merge_request_iid/commits' do it 'returns a 200 when merge request is valid' do get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/commits", user) @@ -710,7 +736,7 @@ describe API::MergeRequests do let(:developer) { create(:user) } before do - project.team << [developer, :developer] + project.add_developer(developer) end it "denies the deletion of the merge request" do @@ -788,7 +814,7 @@ describe API::MergeRequests do it "returns 401 if user has no permissions to merge" do user2 = create(:user) - project.team << [user2, :reporter] + project.add_reporter(user2) put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user2) expect(response).to have_gitlab_http_status(401) expect(json_response['message']).to eq('401 Unauthorized') @@ -977,7 +1003,7 @@ describe API::MergeRequests do project = create(:project, :private) merge_request = create(:merge_request, :simple, source_project: project) guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/closes_issues", guest) @@ -1025,7 +1051,7 @@ describe API::MergeRequests do it 'returns 403 if user has no access to read code' do guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/subscribe", guest) @@ -1061,7 +1087,7 @@ describe API::MergeRequests do it 'returns 403 if user has no access to read code' do guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/unsubscribe", guest) diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb index 3bfb4c5506f..981c9c27325 100644 --- a/spec/requests/api/notes_spec.rb +++ b/spec/requests/api/notes_spec.rb @@ -14,7 +14,7 @@ describe API::Notes do let(:private_user) { create(:user) } let(:private_project) do create(:project, namespace: private_user.namespace) - .tap { |p| p.team << [private_user, :master] } + .tap { |p| p.add_master(private_user) } end let(:private_issue) { create(:issue, project: private_project) } @@ -29,7 +29,7 @@ describe API::Notes do end before do - project.team << [user, :reporter] + project.add_reporter(user) end describe "GET /projects/:id/noteable/:noteable_id/notes" do @@ -464,7 +464,7 @@ describe API::Notes do describe "POST /projects/:id/noteable/:noteable_id/notes to test observer on create" do it "creates an activity event when an issue note is created" do - expect(Event).to receive(:create) + expect(Event).to receive(:create!) post api("/projects/#{project.id}/issues/#{issue.iid}/notes", user), body: 'hi!' end diff --git a/spec/requests/api/pages_domains_spec.rb b/spec/requests/api/pages_domains_spec.rb index d412b045e9f..5d01dc37f0e 100644 --- a/spec/requests/api/pages_domains_spec.rb +++ b/spec/requests/api/pages_domains_spec.rb @@ -46,6 +46,7 @@ describe API::PagesDomains do expect(json_response).to be_an Array expect(json_response.size).to eq(3) expect(json_response.last).to have_key('domain') + expect(json_response.last).to have_key('project_id') expect(json_response.last).to have_key('certificate_expiration') expect(json_response.last['certificate_expiration']['expired']).to be true expect(json_response.first).not_to have_key('certificate_expiration') diff --git a/spec/requests/api/pipelines_spec.rb b/spec/requests/api/pipelines_spec.rb index e4dcc9252fa..0736329f9fd 100644 --- a/spec/requests/api/pipelines_spec.rb +++ b/spec/requests/api/pipelines_spec.rb @@ -11,7 +11,7 @@ describe API::Pipelines do end before do - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/pipelines ' do @@ -424,7 +424,7 @@ describe API::Pipelines do let!(:reporter) { create(:user) } before do - project.team << [reporter, :reporter] + project.add_reporter(reporter) end it 'rejects the action' do diff --git a/spec/requests/api/project_hooks_spec.rb b/spec/requests/api/project_hooks_spec.rb index f31344a6238..1fd082ecc38 100644 --- a/spec/requests/api/project_hooks_spec.rb +++ b/spec/requests/api/project_hooks_spec.rb @@ -13,8 +13,8 @@ describe API::ProjectHooks, 'ProjectHooks' do end before do - project.team << [user, :master] - project.team << [user3, :developer] + project.add_master(user) + project.add_developer(user3) end describe "GET /projects/:id/hooks" do @@ -206,7 +206,7 @@ describe API::ProjectHooks, 'ProjectHooks' do it "returns a 404 if a user attempts to delete project hooks he/she does not own" do test_user = create(:user) other_project = create(:project) - other_project.team << [test_user, :master] + other_project.add_master(test_user) delete api("/projects/#{other_project.id}/hooks/#{hook.id}", test_user) expect(response).to have_gitlab_http_status(404) diff --git a/spec/requests/api/project_milestones_spec.rb b/spec/requests/api/project_milestones_spec.rb index 72e1574b55f..08ea7314bb3 100644 --- a/spec/requests/api/project_milestones_spec.rb +++ b/spec/requests/api/project_milestones_spec.rb @@ -7,7 +7,7 @@ describe API::ProjectMilestones do let!(:milestone) { create(:milestone, project: project, title: 'version2', description: 'open milestone') } before do - project.team << [user, :developer] + project.add_developer(user) end it_behaves_like 'group and project milestones', "/projects/:id/milestones" do @@ -16,7 +16,7 @@ describe API::ProjectMilestones do describe 'PUT /projects/:id/milestones/:milestone_id to test observer on close' do it 'creates an activity event when an milestone is closed' do - expect(Event).to receive(:create) + expect(Event).to receive(:create!) put api("/projects/#{project.id}/milestones/#{milestone.id}", user), state_event: 'close' diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index a41345da05b..de1763015fa 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -908,7 +908,7 @@ describe API::Projects do describe 'permissions' do context 'all projects' do before do - project.team << [user, :master] + project.add_master(user) end it 'contains permission information' do @@ -923,7 +923,7 @@ describe API::Projects do context 'personal project' do it 'sets project access and returns 200' do - project.team << [user, :master] + project.add_master(user) get api("/projects/#{project.id}", user) expect(response).to have_gitlab_http_status(200) @@ -1539,7 +1539,7 @@ describe API::Projects do context 'user without archiving rights to the project' do before do - project.team << [user3, :developer] + project.add_developer(user3) end it 'rejects the action' do @@ -1575,7 +1575,7 @@ describe API::Projects do context 'user without archiving rights to the project' do before do - project.team << [user3, :developer] + project.add_developer(user3) end it 'rejects the action' do @@ -1650,7 +1650,7 @@ describe API::Projects do it 'does not remove a project if not an owner' do user3 = create(:user) - project.team << [user3, :developer] + project.add_developer(user3) delete api("/projects/#{project.id}", user3) expect(response).to have_gitlab_http_status(403) end diff --git a/spec/requests/api/services_spec.rb b/spec/requests/api/services_spec.rb index ba697e2b305..26d56c04862 100644 --- a/spec/requests/api/services_spec.rb +++ b/spec/requests/api/services_spec.rb @@ -53,6 +53,10 @@ describe API::Services do describe "DELETE /projects/:id/services/#{service.dasherize}" do include_context service + before do + initialize_service(service) + end + it "deletes #{service}" do delete api("/projects/#{project.id}/services/#{dashed_service}", user) @@ -67,9 +71,7 @@ describe API::Services do # inject some properties into the service before do - service_object = project.find_or_initialize_service(service) - service_object.properties = service_attrs - service_object.save + initialize_service(service) end it 'returns authentication error when unauthenticated' do @@ -92,7 +94,7 @@ describe API::Services do end it "returns error when authenticated but not a project owner" do - project.team << [user2, :developer] + project.add_developer(user2) get api("/projects/#{project.id}/services/#{dashed_service}", user2) expect(response).to have_gitlab_http_status(403) diff --git a/spec/requests/api/todos_spec.rb b/spec/requests/api/todos_spec.rb index c6063a2e089..fb3a33cadff 100644 --- a/spec/requests/api/todos_spec.rb +++ b/spec/requests/api/todos_spec.rb @@ -13,8 +13,8 @@ describe API::Todos do let!(:done) { create(:todo, :done, project: project_1, author: author_1, user: john_doe) } before do - project_1.team << [john_doe, :developer] - project_2.team << [john_doe, :developer] + project_1.add_developer(john_doe) + project_2.add_developer(john_doe) end describe 'GET /todos' do @@ -191,7 +191,7 @@ describe API::Todos do it 'returns an error if the issuable is not accessible' do guest = create(:user) - project_1.team << [guest, :guest] + project_1.add_guest(guest) post api("/projects/#{project_1.id}/#{issuable_type}/#{issuable.iid}/todo", guest) diff --git a/spec/requests/api/v3/award_emoji_spec.rb b/spec/requests/api/v3/award_emoji_spec.rb index 0cd8b70007f..6dc430676b0 100644 --- a/spec/requests/api/v3/award_emoji_spec.rb +++ b/spec/requests/api/v3/award_emoji_spec.rb @@ -9,7 +9,7 @@ describe API::V3::AwardEmoji do let!(:downvote) { create(:award_emoji, :downvote, awardable: merge_request, user: user) } set(:note) { create(:note, project: project, noteable: issue) } - before { project.team << [user, :master] } + before { project.add_master(user) } describe "GET /projects/:id/awardable/:awardable_id/award_emoji" do context 'on an issue' do diff --git a/spec/requests/api/v3/boards_spec.rb b/spec/requests/api/v3/boards_spec.rb index 14409d25544..dde4f096193 100644 --- a/spec/requests/api/v3/boards_spec.rb +++ b/spec/requests/api/v3/boards_spec.rb @@ -27,8 +27,8 @@ describe API::V3::Boards do end before do - project.team << [user, :reporter] - project.team << [guest, :guest] + project.add_reporter(user) + project.add_guest(guest) end describe "GET /projects/:id/boards" do diff --git a/spec/requests/api/v3/commits_spec.rb b/spec/requests/api/v3/commits_spec.rb index d31c94ddd2c..8b115e01f47 100644 --- a/spec/requests/api/v3/commits_spec.rb +++ b/spec/requests/api/v3/commits_spec.rb @@ -9,11 +9,11 @@ describe API::V3::Commits do let!(:note) { create(:note_on_commit, author: user, project: project, commit_id: project.repository.commit.id, note: 'a comment on a commit') } let!(:another_note) { create(:note_on_commit, author: user, project: project, commit_id: project.repository.commit.id, note: 'another comment on a commit') } - before { project.team << [user, :reporter] } + before { project.add_reporter(user) } describe "List repository commits" do context "authorized user" do - before { project.team << [user2, :reporter] } + before { project.add_reporter(user2) } it "returns project commits" do commit = project.repository.commit @@ -415,7 +415,7 @@ describe API::V3::Commits do describe "Get the diff of a commit" do context "authorized user" do - before { project.team << [user2, :reporter] } + before { project.add_reporter(user2) } it "returns the diff of the selected commit" do get v3_api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/diff", user) @@ -487,7 +487,7 @@ describe API::V3::Commits do end it 'returns 400 if you are not allowed to push to the target branch' do - project.team << [user2, :developer] + project.add_developer(user2) protected_branch = create(:protected_branch, project: project, name: 'feature') post v3_api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user2), branch: protected_branch.name diff --git a/spec/requests/api/v3/deployments_spec.rb b/spec/requests/api/v3/deployments_spec.rb index 90eabda4dac..ac86fbea498 100644 --- a/spec/requests/api/v3/deployments_spec.rb +++ b/spec/requests/api/v3/deployments_spec.rb @@ -7,7 +7,7 @@ describe API::V3::Deployments do let!(:deployment) { create(:deployment) } before do - project.team << [user, :master] + project.add_master(user) end shared_examples 'a paginated resources' do diff --git a/spec/requests/api/v3/environments_spec.rb b/spec/requests/api/v3/environments_spec.rb index 937250b5219..68be5256b64 100644 --- a/spec/requests/api/v3/environments_spec.rb +++ b/spec/requests/api/v3/environments_spec.rb @@ -7,7 +7,7 @@ describe API::V3::Environments do let!(:environment) { create(:environment, project: project) } before do - project.team << [user, :master] + project.add_master(user) end shared_examples 'a paginated resources' do diff --git a/spec/requests/api/v3/files_spec.rb b/spec/requests/api/v3/files_spec.rb index 5500c1cf770..26a3d8870a0 100644 --- a/spec/requests/api/v3/files_spec.rb +++ b/spec/requests/api/v3/files_spec.rb @@ -27,7 +27,7 @@ describe API::V3::Files do let(:author_email) { 'user@example.org' } let(:author_name) { 'John Doe' } - before { project.team << [user, :developer] } + before { project.add_developer(user) } describe "GET /projects/:id/repository/files" do let(:route) { "/projects/#{project.id}/repository/files" } diff --git a/spec/requests/api/v3/groups_spec.rb b/spec/requests/api/v3/groups_spec.rb index 498cb42fad1..a1cdf583de3 100644 --- a/spec/requests/api/v3/groups_spec.rb +++ b/spec/requests/api/v3/groups_spec.rb @@ -330,7 +330,7 @@ describe API::V3::Groups do end it "only returns projects to which user has access" do - project3.team << [user3, :developer] + project3.add_developer(user3) get v3_api("/groups/#{group1.id}/projects", user3) diff --git a/spec/requests/api/v3/issues_spec.rb b/spec/requests/api/v3/issues_spec.rb index 39a47a62f16..0dd6d673625 100644 --- a/spec/requests/api/v3/issues_spec.rb +++ b/spec/requests/api/v3/issues_spec.rb @@ -50,8 +50,8 @@ describe API::V3::Issues, :mailer do let(:no_milestone_title) { URI.escape(Milestone::None.title) } before do - project.team << [user, :reporter] - project.team << [guest, :guest] + project.add_reporter(user) + project.add_guest(guest) end describe "GET /issues" do @@ -278,7 +278,7 @@ describe API::V3::Issues, :mailer do let!(:group_note) { create(:note_on_issue, author: user, project: group_project, noteable: group_issue) } before do - group_project.team << [user, :reporter] + group_project.add_reporter(user) end let(:base_url) { "/groups/#{group.id}/issues" } @@ -827,7 +827,7 @@ describe API::V3::Issues, :mailer do let(:merge_request) { discussion.noteable } let(:project) { merge_request.source_project } before do - project.team << [user, :master] + project.add_master(user) post v3_api("/projects/#{project.id}/issues", user), title: 'New Issue', merge_request_for_resolving_discussions: merge_request.iid diff --git a/spec/requests/api/v3/labels_spec.rb b/spec/requests/api/v3/labels_spec.rb index 1d31213d5ca..cdab4d2bd73 100644 --- a/spec/requests/api/v3/labels_spec.rb +++ b/spec/requests/api/v3/labels_spec.rb @@ -7,7 +7,7 @@ describe API::V3::Labels do let!(:priority_label) { create(:label, title: 'bug', project: project, priority: 3) } before do - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/labels' do diff --git a/spec/requests/api/v3/members_spec.rb b/spec/requests/api/v3/members_spec.rb index 68be3d24c26..b91782ae511 100644 --- a/spec/requests/api/v3/members_spec.rb +++ b/spec/requests/api/v3/members_spec.rb @@ -8,8 +8,8 @@ describe API::V3::Members do let(:project) do create(:project, :public, :access_requestable, creator_id: master.id, namespace: master.namespace) do |project| - project.team << [developer, :developer] - project.team << [master, :master] + project.add_developer(developer) + project.add_master(master) project.request_access(access_requester) end end diff --git a/spec/requests/api/v3/merge_request_diffs_spec.rb b/spec/requests/api/v3/merge_request_diffs_spec.rb index e613036a88d..547c066fadc 100644 --- a/spec/requests/api/v3/merge_request_diffs_spec.rb +++ b/spec/requests/api/v3/merge_request_diffs_spec.rb @@ -8,7 +8,7 @@ describe API::V3::MergeRequestDiffs, 'MergeRequestDiffs' do before do merge_request.merge_request_diffs.create(head_commit_sha: '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9') merge_request.merge_request_diffs.create(head_commit_sha: '5937ac0a7beb003549fc5fd26fc247adbce4a52e') - project.team << [user, :master] + project.add_master(user) end describe 'GET /projects/:id/merge_requests/:merge_request_id/versions' do diff --git a/spec/requests/api/v3/merge_requests_spec.rb b/spec/requests/api/v3/merge_requests_spec.rb index 2e2b9449429..b8b7d9d1c40 100644 --- a/spec/requests/api/v3/merge_requests_spec.rb +++ b/spec/requests/api/v3/merge_requests_spec.rb @@ -14,7 +14,7 @@ describe API::MergeRequests do let(:milestone) { create(:milestone, title: '1.0.0', project: project) } before do - project.team << [user, :reporter] + project.add_reporter(user) end describe "GET /projects/:id/merge_requests" do @@ -396,7 +396,7 @@ describe API::MergeRequests do let(:developer) { create(:user) } before do - project.team << [developer, :developer] + project.add_developer(developer) end it "denies the deletion of the merge request" do @@ -458,7 +458,7 @@ describe API::MergeRequests do it "returns 401 if user has no permissions to merge" do user2 = create(:user) - project.team << [user2, :reporter] + project.add_reporter(user2) put v3_api("/projects/#{project.id}/merge_requests/#{merge_request.id}/merge", user2) expect(response).to have_gitlab_http_status(401) expect(json_response['message']).to eq('401 Unauthorized') @@ -645,7 +645,7 @@ describe API::MergeRequests do project = create(:project, :private, :repository) merge_request = create(:merge_request, :simple, source_project: project) guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) get v3_api("/projects/#{project.id}/merge_requests/#{merge_request.id}/closes_issues", guest) @@ -675,7 +675,7 @@ describe API::MergeRequests do it 'returns 403 if user has no access to read code' do guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) post v3_api("/projects/#{project.id}/merge_requests/#{merge_request.id}/subscription", guest) @@ -705,7 +705,7 @@ describe API::MergeRequests do it 'returns 403 if user has no access to read code' do guest = create(:user) - project.team << [guest, :guest] + project.add_guest(guest) delete v3_api("/projects/#{project.id}/merge_requests/#{merge_request.id}/subscription", guest) diff --git a/spec/requests/api/v3/milestones_spec.rb b/spec/requests/api/v3/milestones_spec.rb index e82f35598a6..6021600e09c 100644 --- a/spec/requests/api/v3/milestones_spec.rb +++ b/spec/requests/api/v3/milestones_spec.rb @@ -6,7 +6,7 @@ describe API::V3::Milestones do let!(:closed_milestone) { create(:closed_milestone, project: project) } let!(:milestone) { create(:milestone, project: project) } - before { project.team << [user, :developer] } + before { project.add_developer(user) } describe 'GET /projects/:id/milestones' do it 'returns project milestones' do @@ -161,7 +161,7 @@ describe API::V3::Milestones do describe 'PUT /projects/:id/milestones/:milestone_id to test observer on close' do it 'creates an activity event when an milestone is closed' do - expect(Event).to receive(:create) + expect(Event).to receive(:create!) put v3_api("/projects/#{project.id}/milestones/#{milestone.id}", user), state_event: 'close' @@ -200,7 +200,7 @@ describe API::V3::Milestones do let(:confidential_issue) { create(:issue, confidential: true, project: public_project) } before do - public_project.team << [user, :developer] + public_project.add_developer(user) milestone.issues << issue << confidential_issue end @@ -215,7 +215,7 @@ describe API::V3::Milestones do it 'does not return confidential issues to team members with guest role' do member = create(:user) - project.team << [member, :guest] + project.add_guest(member) get v3_api("/projects/#{public_project.id}/milestones/#{milestone.id}/issues", member) diff --git a/spec/requests/api/v3/notes_spec.rb b/spec/requests/api/v3/notes_spec.rb index d3455a4bba4..5532795ab02 100644 --- a/spec/requests/api/v3/notes_spec.rb +++ b/spec/requests/api/v3/notes_spec.rb @@ -14,7 +14,7 @@ describe API::V3::Notes do let(:private_user) { create(:user) } let(:private_project) do create(:project, namespace: private_user.namespace) - .tap { |p| p.team << [private_user, :master] } + .tap { |p| p.add_master(private_user) } end let(:private_issue) { create(:issue, project: private_project) } @@ -28,7 +28,7 @@ describe API::V3::Notes do system: true end - before { project.team << [user, :reporter] } + before { project.add_reporter(user) } describe "GET /projects/:id/noteable/:noteable_id/notes" do context "when noteable is an Issue" do @@ -302,7 +302,7 @@ describe API::V3::Notes do describe "POST /projects/:id/noteable/:noteable_id/notes to test observer on create" do it "creates an activity event when an issue note is created" do - expect(Event).to receive(:create) + expect(Event).to receive(:create!) post v3_api("/projects/#{project.id}/issues/#{issue.id}/notes", user), body: 'hi!' end diff --git a/spec/requests/api/v3/pipelines_spec.rb b/spec/requests/api/v3/pipelines_spec.rb index 1c7d9fe32bb..ea943f22c41 100644 --- a/spec/requests/api/v3/pipelines_spec.rb +++ b/spec/requests/api/v3/pipelines_spec.rb @@ -10,7 +10,7 @@ describe API::V3::Pipelines do ref: project.default_branch) end - before { project.team << [user, :master] } + before { project.add_master(user) } shared_examples 'a paginated resources' do before do @@ -188,7 +188,7 @@ describe API::V3::Pipelines do context 'user without proper access rights' do let!(:reporter) { create(:user) } - before { project.team << [reporter, :reporter] } + before { project.add_reporter(reporter) } it 'rejects the action' do post v3_api("/projects/#{project.id}/pipelines/#{pipeline.id}/cancel", reporter) diff --git a/spec/requests/api/v3/project_hooks_spec.rb b/spec/requests/api/v3/project_hooks_spec.rb index 00f59744a31..248ae97f875 100644 --- a/spec/requests/api/v3/project_hooks_spec.rb +++ b/spec/requests/api/v3/project_hooks_spec.rb @@ -13,8 +13,8 @@ describe API::ProjectHooks, 'ProjectHooks' do end before do - project.team << [user, :master] - project.team << [user3, :developer] + project.add_master(user) + project.add_developer(user3) end describe "GET /projects/:id/hooks" do @@ -205,7 +205,7 @@ describe API::ProjectHooks, 'ProjectHooks' do it "returns a 404 if a user attempts to delete project hooks he/she does not own" do test_user = create(:user) other_project = create(:project) - other_project.team << [test_user, :master] + other_project.add_master(test_user) delete v3_api("/projects/#{other_project.id}/hooks/#{hook.id}", test_user) expect(response).to have_gitlab_http_status(404) diff --git a/spec/requests/api/v3/projects_spec.rb b/spec/requests/api/v3/projects_spec.rb index 27288b98d1c..13e465e0b2d 100644 --- a/spec/requests/api/v3/projects_spec.rb +++ b/spec/requests/api/v3/projects_spec.rb @@ -753,7 +753,7 @@ describe API::V3::Projects do describe 'permissions' do context 'all projects' do - before { project.team << [user, :master] } + before { project.add_master(user) } it 'contains permission information' do get v3_api("/projects", user) @@ -767,7 +767,7 @@ describe API::V3::Projects do context 'personal project' do it 'sets project access and returns 200' do - project.team << [user, :master] + project.add_master(user) get v3_api("/projects/#{project.id}", user) expect(response).to have_gitlab_http_status(200) @@ -1362,7 +1362,7 @@ describe API::V3::Projects do context 'user without archiving rights to the project' do before do - project.team << [user3, :developer] + project.add_developer(user3) end it 'rejects the action' do @@ -1398,7 +1398,7 @@ describe API::V3::Projects do context 'user without archiving rights to the project' do before do - project.team << [user3, :developer] + project.add_developer(user3) end it 'rejects the action' do @@ -1466,7 +1466,7 @@ describe API::V3::Projects do it 'does not remove a project if not an owner' do user3 = create(:user) - project.team << [user3, :developer] + project.add_developer(user3) delete v3_api("/projects/#{project.id}", user3) expect(response).to have_gitlab_http_status(403) end diff --git a/spec/requests/api/v3/services_spec.rb b/spec/requests/api/v3/services_spec.rb index 8f212ab6be6..c69a7d58ca6 100644 --- a/spec/requests/api/v3/services_spec.rb +++ b/spec/requests/api/v3/services_spec.rb @@ -10,6 +10,10 @@ describe API::V3::Services do describe "DELETE /projects/:id/services/#{service.dasherize}" do include_context service + before do + initialize_service(service) + end + it "deletes #{service}" do delete v3_api("/projects/#{project.id}/services/#{dashed_service}", user) diff --git a/spec/requests/api/v3/todos_spec.rb b/spec/requests/api/v3/todos_spec.rb index 8f5c3fbf8dd..53fd962272a 100644 --- a/spec/requests/api/v3/todos_spec.rb +++ b/spec/requests/api/v3/todos_spec.rb @@ -12,8 +12,8 @@ describe API::V3::Todos do let!(:done) { create(:todo, :done, project: project_1, author: author_1, user: john_doe) } before do - project_1.team << [john_doe, :developer] - project_2.team << [john_doe, :developer] + project_1.add_developer(john_doe) + project_2.add_developer(john_doe) end describe 'DELETE /todos/:id' do diff --git a/spec/requests/api/wikis_spec.rb b/spec/requests/api/wikis_spec.rb index 65bd001e491..fb0806ff9f1 100644 --- a/spec/requests/api/wikis_spec.rb +++ b/spec/requests/api/wikis_spec.rb @@ -12,6 +12,8 @@ require 'spec_helper' describe API::Wikis do let(:user) { create(:user) } + let(:group) { create(:group).tap { |g| g.add_owner(user) } } + let(:project_wiki) { create(:project_wiki, project: project, user: user) } let(:payload) { { content: 'content', format: 'rdoc', title: 'title' } } let(:expected_keys_with_content) { %w(content format slug title) } let(:expected_keys_without_content) { %w(format slug title) } @@ -19,8 +21,8 @@ describe API::Wikis do shared_examples_for 'returns list of wiki pages' do context 'when wiki has pages' do let!(:pages) do - [create(:wiki_page, wiki: project.wiki, attrs: { title: 'page1', content: 'content of page1' }), - create(:wiki_page, wiki: project.wiki, attrs: { title: 'page2', content: 'content of page2' })] + [create(:wiki_page, wiki: project_wiki, attrs: { title: 'page1', content: 'content of page1' }), + create(:wiki_page, wiki: project_wiki, attrs: { title: 'page2', content: 'content of page2' })] end it 'returns the list of wiki pages without content' do @@ -445,7 +447,7 @@ describe API::Wikis do end describe 'PUT /projects/:id/wikis/:slug' do - let(:page) { create(:wiki_page, wiki: project.wiki) } + let(:page) { create(:wiki_page, wiki: project_wiki) } let(:payload) { { title: 'new title', content: 'new content' } } let(:url) { "/projects/#{project.id}/wikis/#{page.slug}" } @@ -568,10 +570,20 @@ describe API::Wikis do end end end + + context 'when wiki belongs to a group project' do + let(:project) { create(:project, namespace: group) } + + before do + put(api(url, user), payload) + end + + include_examples 'updates wiki page' + end end describe 'DELETE /projects/:id/wikis/:slug' do - let(:page) { create(:wiki_page, wiki: project.wiki) } + let(:page) { create(:wiki_page, wiki: project_wiki) } let(:url) { "/projects/#{project.id}/wikis/#{page.slug}" } context 'when wiki is disabled' do @@ -675,5 +687,15 @@ describe API::Wikis do end end end + + context 'when wiki belongs to a group project' do + let(:project) { create(:project, namespace: group) } + + before do + delete(api(url, user)) + end + + include_examples '204 No Content' + end end end |